Lot of W32.Rontokbro@mm infection

In one of the node, we are getting lot of W32.Rontokbro@mm virus detections. it has been found to take lot traffic. Ran many of the tools suggested by Symantec but the issue still persists. Can i create an exception for this known detection from the server level? The user is annoyed because the computer hangs because of the continuos detection of this threat. Please help.

The infected computer seems to be running with some application which is also shared by other users. The application is used internally and accessed by only 5-10 people from their computers. It is been found that as and when these users share their folders, they also get those virus detection. Please let me know how to add exceptions for application and what type of exception would be better in my case ?

You run a scan multiple times and it continually finds threats previously quarantined in C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine. A full system scan will find the files and claim that it successfully quarantined the file but will be found my another full system scan in the same location.

Cause: Unknown. It is suspected that the SRTSP is a middle point for the main quarantine typically located in C:\Documents and Settings\All Users\Application data\Symantec Endpoint Protection\Quarantine

Solution:

Disable the System Restore from the Machine.

When trying to access C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine you will probably get an access denied.

Right click on the folder, go to Properties then Security.

Add the user who is currently logged on with Full Control.

Open command window (Start > Run > cmd).

At command prompt, navigate to the directory (cd "C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine")

Delete all files by typing the command del *.* and hit enter.

Restore the default privileges by removing the user added with Full Control.

whenever a user in our network try to share some folders, the virus is found. Users have been told not to share folders. At the same time, the application currently running on the machine is planned to be put in a dedicated machine. Will have to perform few other stesp once the user is free. Thanks for your suggestions.